From d39fd6d5f4c0a63cc048b84b0f989cb83f31e5fe Mon Sep 17 00:00:00 2001 From: Carlos Garcia Campos Date: Tue, 8 Jun 2021 10:57:06 +0200 Subject: [PATCH 1/2] Use GUri instead of SoupURI Upstream-Status: Submitted [https://gitlab.gnome.org/GNOME/librest/-/merge_requests/6] --- configure.ac | 2 +- rest-extras/flickr-proxy.c | 19 ++++++++++++++----- rest/oauth-proxy-call.c | 19 ++++++++++++++----- rest/oauth2-proxy.c | 22 +++++++++++----------- 4 files changed, 40 insertions(+), 22 deletions(-) diff --git a/configure.ac b/configure.ac index d15e592..d586e69 100644 --- a/configure.ac +++ b/configure.ac @@ -40,7 +40,7 @@ AM_PROG_CC_C_O LT_PREREQ([2.2.6]) LT_INIT([disable-static]) -PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.44) +PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.67.4) PKG_CHECK_MODULES(SOUP, libsoup-2.4 >= 2.42) PKG_CHECK_MODULES(XML, libxml-2.0) PKG_CHECK_MODULES(GTHREAD, gthread-2.0) diff --git a/rest-extras/flickr-proxy.c b/rest-extras/flickr-proxy.c index 3342a4d..7726359 100644 --- a/rest-extras/flickr-proxy.c +++ b/rest-extras/flickr-proxy.c @@ -304,13 +304,13 @@ flickr_proxy_build_login_url (FlickrProxy *proxy, const char *frob, const char *perms) { - SoupURI *uri; + GUri *uri; GHashTable *params; char *sig, *s; + char *query; g_return_val_if_fail (FLICKR_IS_PROXY (proxy), NULL); - uri = soup_uri_new ("http://flickr.com/services/auth/"); params = g_hash_table_new (g_str_hash, g_str_equal); g_hash_table_insert (params, "api_key", proxy->priv->api_key); @@ -321,14 +321,23 @@ flickr_proxy_build_login_url (FlickrProxy *proxy, sig = flickr_proxy_sign (proxy, params); g_hash_table_insert (params, "api_sig", sig); + query = soup_form_encode_hash (params); - soup_uri_set_query_from_form (uri, params); + uri = g_uri_build (G_URI_FLAGS_ENCODED, + "http", + NULL, + "flickr.com", + -1, + "services/auth/", + query, + NULL); - s = soup_uri_to_string (uri, FALSE); + s = g_uri_to_string (uri); + g_free (query); g_free (sig); g_hash_table_destroy (params); - soup_uri_free (uri); + g_uri_unref (uri); return s; } diff --git a/rest/oauth-proxy-call.c b/rest/oauth-proxy-call.c index c90c69d..e238c3c 100644 --- a/rest/oauth-proxy-call.c +++ b/rest/oauth-proxy-call.c @@ -30,7 +30,7 @@ G_DEFINE_TYPE (OAuthProxyCall, oauth_proxy_call, REST_TYPE_PROXY_CALL) -#define OAUTH_ENCODE_STRING(x_) (x_ ? soup_uri_encode( (x_), "!$&'()*+,;=@") : g_strdup ("")) +#define OAUTH_ENCODE_STRING(x_) (x_ ? g_uri_escape_string( (x_), NULL, TRUE) : g_strdup ("")) static char * sign_plaintext (OAuthProxyPrivate *priv) @@ -136,15 +136,24 @@ sign_hmac (OAuthProxy *proxy, RestProxyCall *call, GHashTable *oauth_params) if (priv->oauth_echo) { g_string_append_uri_escaped (text, priv->service_url, NULL, FALSE); } else if (priv->signature_host != NULL) { - SoupURI *url = soup_uri_new (url_str); + GUri *url = g_uri_parse (url_str, G_URI_FLAGS_ENCODED, NULL); + GUri *new_url; gchar *signing_url; - soup_uri_set_host (url, priv->signature_host); - signing_url = soup_uri_to_string (url, FALSE); + new_url = g_uri_build (g_uri_get_flags (url), + g_uri_get_scheme (url), + g_uri_get_userinfo (url), + priv->signature_host, + g_uri_get_port (url), + g_uri_get_path (url), + g_uri_get_query (url), + g_uri_get_fragment (url)); + signing_url = g_uri_to_string (new_url); g_string_append_uri_escaped (text, signing_url, NULL, FALSE); - soup_uri_free (url); + g_uri_unref (new_url); + g_uri_unref (url); g_free (signing_url); } else { g_string_append_uri_escaped (text, url_str, NULL, FALSE); diff --git a/rest/oauth2-proxy.c b/rest/oauth2-proxy.c index 24e5da0..3382f8b 100644 --- a/rest/oauth2-proxy.c +++ b/rest/oauth2-proxy.c @@ -37,8 +37,6 @@ oauth2_proxy_error_quark (void) return g_quark_from_static_string ("rest-oauth2-proxy"); } -#define EXTRA_CHARS_ENCODE "!$&'()*+,;=@" - enum { PROP_0, PROP_CLIENT_ID, @@ -242,8 +240,8 @@ append_query_param (gpointer key, gpointer value, gpointer user_data) char *encoded_val, *encoded_key; char *param; - encoded_val = soup_uri_encode (value, EXTRA_CHARS_ENCODE); - encoded_key = soup_uri_encode (key, EXTRA_CHARS_ENCODE); + encoded_val = g_uri_escape_string (value, NULL, TRUE); + encoded_key = g_uri_escape_string (key, NULL, TRUE); param = g_strdup_printf ("%s=%s", encoded_key, encoded_val); g_free (encoded_key); @@ -295,8 +293,8 @@ oauth2_proxy_build_login_url_full (OAuth2Proxy *proxy, g_hash_table_foreach (extra_params, append_query_param, params); } - encoded_uri = soup_uri_encode (redirect_uri, EXTRA_CHARS_ENCODE); - encoded_id = soup_uri_encode (proxy->priv->client_id, EXTRA_CHARS_ENCODE); + encoded_uri = g_uri_escape_string (redirect_uri, NULL, TRUE); + encoded_id = g_uri_escape_string (proxy->priv->client_id, NULL, TRUE); url = g_strdup_printf ("%s?client_id=%s&redirect_uri=%s&type=user_agent", proxy->priv->auth_endpoint, encoded_id, @@ -378,20 +376,22 @@ oauth2_proxy_extract_access_token (const char *url) { GHashTable *params; char *token = NULL; - SoupURI *soupuri = soup_uri_new (url); + const char *fragment; + GUri *uri = g_uri_parse (url, G_URI_FLAGS_ENCODED, NULL); - if (soupuri->fragment != NULL) { - params = soup_form_decode (soupuri->fragment); + fragment = g_uri_get_fragment (uri); + if (fragment != NULL) { + params = soup_form_decode (fragment); if (params) { char *encoded = g_hash_table_lookup (params, "access_token"); if (encoded) - token = soup_uri_decode (encoded); + token = g_uri_unescape_string (encoded, NULL); g_hash_table_destroy (params); } } - soup_uri_free (soupuri); + g_uri_unref (uri); return token; } -- 2.33.1